DevSecOps in Robotics

Mayoral-Vilches, Víctor; García-Maestro, Nuria; Towers, McKenna; Gil-Uriarte, Endika

doi:10.48550/arxiv.2003.10402

Cited by 3 publications

(3 citation statements)

References 18 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Software quality in robotics is often understood as execution according to design purpose whereas security is perceived as the robot will not put data or computing systems at risk of unauthorized access [67]. In this section, we introduce DevSecOps in the context of robotics, a set of best practices designed to help roboticists implant security deep in the heart of their development and operations processes.…”

Section: Devsecopsmentioning

confidence: 99%

Cybersecurity in Robotics: Challenges, Quantitative Modeling, and Practice

Zhu¹,

Raß²,

Dieber³

et al. 2021

Preprint

View full text Add to dashboard Cite

Robotics is becoming more and more ubiquitous, but the pressure to bring systems to market occasionally goes at the cost of neglecting security mechanisms during the development, deployment or while in production. As a result, contemporary robotic systems are vulnerable to diverse attack patterns, and an a posteriori hardening is at least challenging, if not impossible at all. This book aims to stipulate the inclusion of security in robotics from the earliest design phases onward and with a special focus on the cost-benefit tradeoff that can otherwise be an inhibitor for the fast development of affordable systems. We advocate quantitative methods of security management and design, covering vulnerability scoring systems tailored to robotic systems, and accounting for the highly distributed nature of robots as an interplay of potentially very many components. A powerful quantitative approach to model-based security is offered by game theory, providing a rich spectrum of techniques to optimize security against various kinds of attacks. Such a multiperspective view on security is necessary to address the heterogeneity and complexity of robotic systems. This book is intended as an accessible starter for the theoretician and practitioner working in the field.

show abstract

Section: Devsecopsmentioning

confidence: 99%

Cybersecurity in Robotics: Challenges, Quantitative Modeling, and Practice

Zhu¹,

Raß²,

Dieber³

et al. 2021

Preprint

View full text Add to dashboard Cite

show abstract

“…For each security flaw identified, the pipeline generates a YAML file describing the flaw using RVD [25] taxonomy 1 either in a local directory or pushing the flaw directly as an issue to Github or Gitlab. This way, pipelines support the robotics DevSecOps [7] pushing each potential vulnerability to a centralized flaw management registry.…”

Section: Pipelinesmentioning

confidence: 99%

“…The present article attempts to deal with these problems by proposing a cybersecurity toolbox that aims to enable roboticists and security researchers cooperating in project to have a common, consistent and easily reproducible development environment, facilitating the security process (DevSecOps [7]) in robotics and the collaboration across multiple teams. The contributions of this work are threefold.…”

Section: Introductionmentioning

confidence: 99%

alurity, a toolbox for robot cybersecurity

Mayoral-Vilches,

Abad-Fernández,

Pinzger

et al. 2020

Preprint

Self Cite

View full text Add to dashboard Cite

The reuse of technologies and inherent complexity of most robotic systems is increasingly leading to robots with wide attack surfaces and a variety of potential vulnerabilities. Given their growing presence in public environments, security research is increasingly becoming more important than in any other area, specially due to the safety implications that robot vulnerabilities could cause on humans. We argue that security triage in robotics is still immature and that new tools must be developed to accelerate the testing-triage-exploitation cycle, necessary for prioritizing and accelerating the mitigation of flaws.The present work tackles the current lack of offensive cybersecurity research in robotics by presenting a toolbox and the results obtained with it through several use cases conducted over a year period. We propose a modular and composable toolbox for robot cybersecurity: alurity. By ensuring that both roboticists and security researchers working on a project have a common, consistent and easily reproducible development environment, alurity aims to facilitate the cybersecurity research and the collaboration across teams.

show abstract

Architectural views for social robots in public spaces: business, system, and security strategies

Oruma,

Colomo-Palacios,

Gkioulos

2024

Int. J. Inf. Secur.

View full text Add to dashboard Cite

This study delineates a suite of architectural views and a security perspective tailored to guide the deployment and integration of Social Robots in Public Spaces (SRPS). It commences with a business context view that utilizes the customer-producer-supplier model, underscoring the value of SRPS to various stakeholders and illustrating how robots can enhance user experiences and drive economic benefits. The system context view details the intricate interactions among the social robot, stakeholders, public spaces, and external systems, highlighting essential considerations for successful deployment, from technical configurations to stakeholder engagement. The functional view elaborates on the operational dynamics of the robot within its environment, focusing on user interaction and data management capabilities. Additionally, the security perspective delves into security considerations vital for safeguarding the SRPS across various domains, including identity and access management, application and network security, and data privacy. The paper also contextualizes these views through a city ferry use case, demonstrating their practical application and reinforcing the importance of multifaceted planning and analysis in real-world settings. This approach provides a strategic framework views for developing SRPS that are viable, efficient, and secure, fostering successful adoption in diverse public environments.

show abstract

DevSecOps in Robotics

Cited by 3 publications

References 18 publications

Cybersecurity in Robotics: Challenges, Quantitative Modeling, and Practice

Cybersecurity in Robotics: Challenges, Quantitative Modeling, and Practice

alurity, a toolbox for robot cybersecurity

Architectural views for social robots in public spaces: business, system, and security strategies

Contact Info

Product

Resources

About